
BrakeSec Education Podcast

472 episodes - English - Latest episode: about 1 month ago - ★★★★★ - 98 ratings

A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.


Episodes

2019-007-bsides_seattle_recap-new_phishing_vector-Kernel_use_after_free_vuln

February 25, 2019 04:30 - 44 minutes - 20.5 MB

Bsides Seattle recap (Bryan) New phishing technique to bypass email filters- https://www.helpnetsecurity.com/2019/02/20/phishers-new-trick-for-bypassing-email-url-filters/ https://en.wikipedia.org/wiki/Office_Open_XML_file_formats#Relationships Use after free in Linux kernel: https://securityboulevard.com/2019/02/linux-use-after-free-vulnerability-found-in-linux-2-6-through-4-20-11/ https://www.webopedia.com/TERM/U/use-after-free.html https://cwe.mitre.org/data/definitions/4...

2019-006: CSRF, XSS, infosec hypocrites, and the endless cycle

February 18, 2019 02:21 - 40 minutes - 37.2 MB

https://www.zdnet.com/article/google-working-on-new-chrome-security-feature-to-obliterate-dom-xss/ https://www.owasp.org/index.php/DOM_Based_XSS CSRF - confused deputy https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) Google Cloud Platform - tips, tricks, stuff Ms. Berlin learned Layer 8 conference - Rhode Island "I was wrong... cycles don’t sync" --Ms. Berlin https://health.clevelandclinic.org/myth-truth-period-really-sync-close-friends/ C...

2019-005: Security Researcher attack, disabling SPECTER, and Systemd discussion

February 11, 2019 02:59 - 55 minutes - 25.4 MB

SpecterOps Class:  https://www.eventbrite.com/e/adversary-tactics-red-team-operations-training-course-boston-june-2019-tickets-54970050902     https://www.secjuice.com/security-researcher-assaulted-ice-atrient/ https://www.csoonline.com/article/3338112/security/vendor-allegedly-assaults-security-researcher-who-disclosed-massive-vulnerability.html   Tweet of application teardown: https://twitter.com/duniel_pls/status/1093565709630824448   https://www.zdnet.com/article/lin...

2019-004-ShmooCon, and Bsides Leeds discussion, Facetime bug (with update), a town for ransom

February 04, 2019 01:27 - 44 minutes - 41.1 MB

Facetime bug update: https://www.cnbc.com/2019/02/01/apple-facetime-bug-fix-and-apology.html   ShmooCon discussion   Bsides Leeds discussion   @largeCardinal @bsidesLeeds https://www.bbc.co.uk/news/uk-scotland-edinburgh-east-fife-47028244   https://www.theverge.com/2019/1/27/18195630/gdpr-right-of-access-data-download-facebook-google-amazon-apple   https://www.theverge.com/2019/1/25/18198006/uber-jump-electric-scooter-austin-teen-arrested-bank-robbery-police   ...

2019-003-Liz Rice, creating processes to shift security farther left in DevOps

January 28, 2019 04:39 - 1 hour - 58.2 MB

  BIO: Liz Rice is the Technology Evangelist with container security specialists Aqua Security, where she also works on container-related open source projects including kube-hunter and kube-bench. She was Co-Chair of the CNCF’s KubeCon + CloudNativeCon 2018 events in Copenhagen, Shanghai and Seattle, and co-author of the O’Reilly Kubernetes Security book. She has a wealth of software development, team, and product management experience from working on network protocols and distributed s...

2019-002-part 2 of the OWASP IoT Top 10 with Aaron Guzman

January 22, 2019 04:11 - 46 minutes - 42.2 MB

intro CFP for Bsides Barcelona is open! https://bsides.barcelona Aaron Guzman: @scriptingxss https://www.computerweekly.com/news/252443777/Global-IoT-security-standard-remains-elusive https://www.owasp.org/index.php/IoT_Attack_Surface_Areas https://scriptingxss.gitbooks.io/embedded-appsec-best-practices//executive_summary/9_usage_of_data_collection_and_storage_-_privacy.html OWASP SLACK: https://owasp.slack.com/ https://www.owasp.org/images/7/79/OWASP_2018_IoT_Top10_Final.j...

2019-001: OWASP IoT Top 10 discussion with Aaron Guzman

January 14, 2019 07:26 - 36 minutes - 29.5 MB

Aaron Guzman: @scriptingxss https://www.computerweekly.com/news/252443777/Global-IoT-security-standard-remains-elusive https://www.owasp.org/index.php/IoT_Attack_Surface_Areas https://scriptingxss.gitbooks.io/embedded-appsec-best-practices//executive_summary/9_usage_of_data_collection_and_storage_-_privacy.html OWASP SLACK: https://owasp.slack.com/ https://www.owasp.org/images/7/79/OWASP_2018_IoT_Top10_Final.jpg Team of 10 or so… list of “do’s and don’ts” Sub-projects? Embe...

2018-045: end of the year podcast!

December 27, 2018 05:06 - 1 hour - 57.2 MB

Join the combined forces of: Jerry Bell (@maliciousLink) from Defensive Security Podcast! (https://defensivesecurity.org/) Bill Gardner from the "RebootIt! podcast" https://itunes.apple.com/us/podcast/reboot-it/id1256466198?mt=2   Ms. Berlin and Bryan Brake for the end of the year podcast! BrakeSec Podcast = www.brakeingsecurity.com RSS: https://www.brakeingsecurity.com/rss

2018-044: Mike Samuels discusses NodeJS hardening initiatives

December 18, 2018 16:30 - 56 minutes - 51.4 MB

Mike Samuels https://twitter.com/mvsamuel https://github.com/mikesamuel/attack-review-testbed https://nodejs-security-wg.slack.com/ Hardening NodeJS   Speaking engagement talks: A Node.js Security Roadmap at JSConf.eu - https://www.youtube.com/watch?v=1Gun2lRb5Gw Improving Security by Improving the Framework @ Node Summit - https://vimeo.com/287516009 Achieving Secure Software through Redesign at Nordic.js - https://www.facebook.com/nordicjs/videos/232944327398936/?t=1781 W...

2018-043-Adam-Baldwin, npmjs Director of Security, event stream post mortem, and making your package system more secure

December 11, 2018 05:50 - 1 hour - 57.1 MB

Adam Baldwin (@adam_baldwin) Director of Security, npm   https://foundation.nodejs.org/ https://spring.io/understanding/javascript-package-managers   Role in the NodeJS project     Advisory? Active role? Maintain security modules?     Are there any requirements to being a dev?     Are there different roles in the NodeJS environment?     Is there any review of system sensitive packages? (or has that ship sailed…)   Discussion of timeline from NodeJS security team   ...

2018-042-Election security processes in the state of Ohio

December 03, 2018 03:29 - 1 hour - 77.7 MB

Where in the world is Ms. Amanda Berlin? Keynoting hackerconWV Election Security Cuyahoga County: Intro: Jeremy Mio (@cyborg00101) Name? Why are you here? Discussing how Ohio does election operations. Walk through the process: Pre-Elections, Election Night, Post-Elections All about the C.I.A.: Votes must be confidential; Votes must not be compromised (integrity); Voting should be available and without outage Did a tabletop exercise with al...

2018-041: part 2 of Kubernetes security insights w/ ian Coldwater

November 26, 2018 05:42 - 44 minutes - 36 MB

@IanColdwater  https://www.redteamsecure.com/ *new gig*   So many different moving parts Plugins Code Hardware   She’s working on speaking schedule for 2019   How would I use these at home?     https://kubernetes.io/docs/setup/minikube/   Kubernetes - up and running     https://www.amazon.com/Kubernetes-Running-Dive-Future-Infrastructure/dp/1491935677   General wikipedia article (with architecture diagram): https://en.wikipedia.org/wiki/Kubernetes   https:/...

2018-040- Jarrod Frates discusses pentest processes

November 19, 2018 03:08 - 1 hour - 37.2 MB

Jarrod Frates Inguardians @jarrodfrates “Skittering Through Networks” Ms. Berlin in Germany - How’d it go?     TinkerSec’s story:  https://threadreaderapp.com/thread/1063423110513418240.html   Takeaways Blue Team: - Least Privilege Model - Least Access Model     “limited remote access to only a small number of IT personnel” “This user didn't need Citrix, so her Citrix linked to NOTHING” “They limited access EVEN TO LOCAL ADMINS!” - Multi-Factor Authentication ...

2018-039-Ian Coldwater, kubernetes, container security

November 12, 2018 22:18 - 50 minutes - 40.3 MB

Ian Coldwater- @IanColdwater  https://www.redteamsecure.com/ *new gig*   So many different moving parts Plugins Code Hardware She’s working on speaking schedule for 2019 How would I use these at home?     https://kubernetes.io/docs/setup/minikube/   Kubernetes - up and running     https://www.amazon.com/Kubernetes-Running-Dive-Future-Infrastructure/dp/1491935677   General wikipedia article (with architecture diagram): https://en.wikipedia.org/wiki/Kubernetes   ...

2018-038-InfosecSherpa, security culture,

November 05, 2018 06:39 - 59 minutes - 47.4 MB

@InfoSecSherpa   I have two talks coming up: Empathy as a Service to Create a Culture of Security at the Cofense Submerge conference Deep Dive into Social Media as an OSINT Tool at the H-ISAC Fall Summit (Health Information Sharing and Analysis Center)       *Shameless Plug* My Nuzzel newsletters https://nuzzel.com/InfoSecSherpa https://nuzzel.com/InfoSecSherpa/cybersecurity-africa News stories - Biglaw Firm Hit With Cybersecurity Incident Earlier This Month (Published: 2...

2018-037-iWatch save man's life, Alexa detects your mood, and post-derby discussion

October 22, 2018 00:00 - 44 minutes - 35.7 MB

Health & Tech? https://arstechnica.com/gadgets/2018/10/amazon-patents-alexa-tech-to-tell-if-youre-sick-depressed-and-sell-you-meds/   https://hackaday.io/project/151388-minder (774 results for “health” on hackaday)   (def don’t need to talk about, but still funny AF) https://hackaday.io/project/11407-myflow   https://9to5mac.com/2017/12/15/apple-watch-saves-life-managing-heart-attack/   https://www.adheretech.com/ Privacy implications? Microsoft healthcare initiative ...

2018-036-Derbycon 2018 Audio with Cheryl Biswas and Tomasz Tula

October 15, 2018 03:20 - 39 minutes - 32 MB

Derbycon is probably one of the best infosec conferences of the calendar year. The podcast always has so much fun meeting listeners, meeting new people, and getting some audio to share with folks who can't be there. This year, we still got some audio, and it's great. We talked with Cheryl Biswas (@3ncr1pt3d) about her talks at #Derbycon and her work with the #dianaInitiative. Check out her talks at the links on @irongeek's website... Cheryl's Track talk: http://www.irongeek.com/i.php?page...

2018-035-software bloat is forever; malicious file extensions; WMIC abuses

October 01, 2018 04:14 - 52 minutes - 42.2 MB

Pizza Party Link - https://www.eventbrite.com/e/brakesec-derbycon-pizza-meetup-tickets-50719385046   News stories-   Software/library bloat   http://tonsky.me/blog/disenchantment/   https://hackernoon.com/how-it-feels-to-learn-javascript-in-2016-d3a717dd577f   https://gbhackers.com/hackers-abusing-windows-management-interface-command-tool-to-deliver-malware-that-steal-email-account-passwords/     https://hackerhurricane.blogspot.com/2016/09/avoiding-ransomware-with...

2018-034-Pentester_Scenario

September 25, 2018 02:17 - 40 minutes - 32.1 MB

Interesting email from one of our listeners. Detailing an issue that came up on a client engagement. We walk through best ways to store information post-engagement, and what you need to do to document test procedures so you don't get bit by a potential issue perhaps months down the line.   Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected] #Brakesec Store!:https://www.teepublic...

2018--033-Chris_Hadnagy-SE-OSINT-vishing-phishing-book_interview-pt2

September 15, 2018 22:00 - 1 hour - 48.4 MB

Part 2 of our interview with Chris Hadnagy. We discuss more about his book, the best ways to set up your pretext in an engagement, how you might read someone at a poker table, a great story about Chris's favorite person “Neil Fallon” from the rock band “Clutch”, and we talk about the “Innocent Lives Foundation”, something near and dear to Chris' heart. We start the second part of our interview with Chris with the question “are the majority of your SE engagements phishing and calls, or is it physica...

2018-032-chris Hadnagy, discusses his new book, OSINT and SE Part 1

September 08, 2018 16:19 - 37 minutes - 30.3 MB

Christopher Hadnagy Interview: Origin story, connoisseur of moonshine. Social Engineering: The Science of Human Hacking, 2nd Edition. Sponsored Link (paperback on Amazon): https://amzn.to/2NKxLD9 SEORG book list: https://www.social-engineer.org/resources/seorg-book-list/ Chris’ Podcast: https://www.social-engineer.org/podcast/ SECTF at Derby (contestants are chosen) Remembering - attention to detail. Remembering details can be the difference between succes...

2018-031-Derbycon ticket CTF, Windows Event forwarding, SIEM collection, and missing events... oh my!

September 01, 2018 00:30 - 1 hour - 54.8 MB

We are back with a new episode this week! We go over our solutions for some of the #derbyCon ticket #CTF challenges and include links to some of the challenges. We talk about Windows Event Forwarding, and how all log forwarders seem to be losing events! Thanks to our Patrons! Gonna be at Derbycon, come see us! Congrats to our Derbycon Ticket CTF winners! Winner: @gigstaggart 2nd Place: @ohai_ninja 3rd Place: @SoDakHib Mr. Boettcher’s Challenge (SuperCrypto): https://driv...

2018-030: Derbycon CTF and Auction info, T-mobile breach suckage, and lockpicking

August 26, 2018 03:56 - 1 hour - 49.3 MB

CTF information: Official site: https://scoreboard.totallylegitsite.com (thanks Matt Domko (@hashtagcyber) for hosting and allowing us to use his employee discount!) Please do not pentest the environment, DDoS it, or cause anything undesirable to happen to the site. View the page, submit the flags, leave everything else alone... Derbycon Auction - starts September 8th at 9am Pacific Time. Slack only - Opening bid is $175, increments of $25 only ...

2018-029-postsummercamp-future_record_breached-vulns_nofix

August 17, 2018 04:39 - 55 minutes - 44.5 MB

Post-Hacker Summercamp   IppSec Walkthroughs Brakesec Derbycon ticket CTF -   Drama - (hotel room search gate)   AirconditionerGate   Personal privacy   Ask for ID   Call the front desk   Use the deadbolt - can be bypassed   Plug the peephole with TP         Hotel rooms aren’t secure (neither are the safes)             Probably the most hostile environment infosec people go into to try and be secure/private   https://247wallst.com/technology-3/2018/08/13/25-of-...

2018-028-runkeys, DNS Logging, derbycon Talks

August 09, 2018 05:53 - 50 minutes - 40.5 MB

HTTPS on www.brakeingsecurity.com, Libsyn RSS syncing of itunes/google Play is over TLS   Amanda giving a talk at Diana Initiative Derbycon Talk - mental health Volunteer/Topic request form - https://goo.gl/forms/wAiLW5Dh5h0MR5bO2   http://www.hexacorn.com/blog/2018/07/29/beyond-good-ol-run-key-part-82/   https://blogs.technet.microsoft.com/teamdhcp/2015/11/23/network-forensics-with-windows-dns-analytical-logging/   https://blogs.technet.microsoft.com/secadv/2018/01/22...

2018-027-Godfrey Daniels talks about his book about the Mojave Phonebooth

August 01, 2018 06:02 - 37 minutes - 30.2 MB

Godfrey Daniels - author of "Adventures with the Mojave Phone Booth" on sale at mojavephoneboothbook.com   https://en.wikipedia.org/wiki/Mojave_phone_booth https://www.tripsavvy.com/the-mojave-phone-booth-1474047   https://www.dailydot.com/debug/mojave-phone-booth-back-number/   https://www.npr.org/2014/08/22/342430204/the-mojave-phone-booth   https://www.reddit.com/r/UnresolvedMysteries/comments/7wjq4a/cipher_broadcast_the_mojave_phone_booth_is_back/   https://twit...

2018-026-insurers gathering data, netflix released a new DFIR tool, and google no longer gets phished?

July 27, 2018 02:50 - 43 minutes - 35.1 MB

Stories and topics we covered: https://krebsonsecurity.com/2018/07/google-security-keys-neutralized-employee-phishing/   https://osquery.io/   https://www.propublica.org/article/health-insurers-are-vacuuming-up-details-about-you-and-it-could-raise-your-rates   https://medium.com/netflix-techblog/netflix-sirt-releases-diffy-a-differencing-engine-for-digital-forensics-in-the-cloud-37b71abd2698   Join our #Slack Channel! Email us at [email protected] or DM us on Twitter ...

2018-025-BsidesSPFD, threathunting, assessing risk

July 19, 2018 06:12 - 34 minutes - 27.9 MB

Sorry, this week's show took an odd turn, and we don't have much in the way of show notes... Ms. Berlin is recovering from knee surgery, and we wish her a speedy recovery. Bryan B. got back from BsidesSPFD, MO this week, after what was a well-received talk on building community. Lots of other excellent talks from speakers like Ms. Sunny Wear, and an impromptu panel with Ben Miller and a whole host of others, including: @icssec @bethayoung @ViciousData @killianditch @fang0654 @SunnyWea...

2018-024- Pacu, a tool for pentesting AWS environments

July 11, 2018 14:03 - 55 minutes - 44.3 MB

Ben Caudill @rhinosecurity Spencer Gietzen @spengietz   Rhino Security - https://rhinosecuritylabs.com/blog/   AWS escalation and mitigation blog - https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/   What is the difference between this and something like Scout or Lynis?   Is it a forensic or IR tool?   How might offensive people use this tool? What is possible when you’re using this as a ‘redteam’ or ‘pentesting’ tool?   S3 bucket perms...

2018-023: Cydefe interview-DNS enumeration-CTF setup & prep

July 02, 2018 05:47 - 55 minutes - 44.4 MB

Raymond Evans - CTF organizer for nolacon and Founder of CyDefe Labs     @cydefe CTF setup / challenges of setting up a CTF. Beginners & CTFs Types tips/tricks Biggest downfalls of CTF development   https://www.heroku.com/ www.exploit-db.com   BrakeSec DerbyCon     @dragosinc dragos.com   DNS Enumeration: https://github.com/nixawk/pentest-wiki/blob/master/1.Information-Gathering/How-to-gather-dns-information.md   DNS Tools: https://dnsdumpster.com/ htt...

2018-022-preventing_insider_threat

June 26, 2018 03:37 - 47 minutes - 38.1 MB

After the recent Tesla insider threat event, BrakeSec decided to discuss some of the indicators of insider threat, what can be done to mitigate it, and why it happens.   news stories referenced: https://www.infosecurity-magazine.com/news/teslas-tough-lesson-on-malicious/   https://www.scmagazine.com/tesla-hit-by-insider-saboteur-who-changed-code-exfiltrated-data/article/774472/   https://en.wikipedia.org/wiki/Insider_threat   https://en.wikipedia.org/wiki/Insider_threat_...

2018-021-TLS 1.3 discussion, Area41 report, wireshark goodness

June 20, 2018 06:27 - 42 minutes - 34.2 MB

Area41 Zurich report Book Club - 4th Tuesday of the month https://www.owasp.org/images/d/d3/TLS_v1.3_Overview_OWASP_Final.pdf   https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet TLS_DHE_RSA_AES_256_GCM_SHA256   TLS = Protocol DHE = Diffie-Hellman ephemeral (provides Perfect Forward Secrecy)     Perfect Forward Secrecy = session keys won’t be compromised, even if server private keys are Past messages and data cannot be retrieved or decrypted (https://en.wikip...

2018-020: NIST's new password reqs, Ms. Berlin talks about ShowMeCon, Pwned Passwords

June 13, 2018 04:17 - 36 minutes - 29.4 MB

https://nostarch.com/packetanalysis3 -- Excellent Book! You must buy it. DetSEC mention ShowMe Con panel and keynote SeaSec East standing room only. Crispin gave a great talk about running as a standard user Bsides Cleveland - https://www.passwordping.com/surprising-new-password-guidelines-nist/ 1Password version 7.1 integrates with Troy Hunt's "Pwned Passwords" service to check for passwords that suck https://twitter.com/troyhunt/status/100626698580887552...

2018-019-50 good ways to protect your network, brakesec summer reading program

June 06, 2018 02:20 - 47 minutes - 37.9 MB

Ms. Berlin’s mega tweet on protecting your network   https://twitter.com/InfoSystir/status/1000109571598364672   Utica College CYB617     I tweeted “utica university” many pardons   Mr. Childress’ high school class Laurens, South Carolina   Probably spent as much as a daily coffee at Starbucks… makes all the difference.   CTF Club, and book club (summer reading series)   Patreon SeaSec East   Showmecon Area41con bsidescleveland Here are 50 FREE things ...

2018-018-Jack Rhysider, Cryptowars of the 90s, OSINT techniques, and hacking MMOs

May 30, 2018 15:15 - 34 minutes - 27.4 MB

https://darknetdiaries.com/   Jack Rhysider Ok I think these topics should keep us busy for a while. Topics for discussion: Do hospitals have a free pass when being attacked? #OPJUSTINA https://nakedsecurity.sophos.com/2014/04/28/anonymous-takes-on-boston-childrens-hospital-in-opjustina/ https://www.youtube.com/watch?v=eFVBz_ATAlU - when anonymous attacks your hospital   The oldest known vulnerability is still a big problem. Default passwords. Why haven't we fixed this yet? htt...

2018-017- threat models, vuln triage, useless scores, and analysis tools

May 23, 2018 02:30 - 39 minutes - 31.7 MB

Vuln mgmt tools. CVE scores suck. Threat modeling is good. Forces you to know your environment https://en.wikipedia.org/wiki/Kanban https://blog.jeremiahgrossman.com/2018/05/all-these-vulnerabilities-rarely-matter.html https://twitter.com/lnxdork/status/998559649271025664 https://www.google.com/search?q=house+centipede&rlz=1C5CHFA_enUS759US759&source=lnms&tbm=isch&sa=X&ved=0ahUKEwiypKyfpZjbAhWJjlkKHd0lASYQ_AUICigB&biw=1920&bih=983 https://googleprojectze...

2018-016- Jack Rhysider, DarkNet Diaries, and a bit of infosec history (Part 1)

May 15, 2018 14:34 - 37 minutes - 29.8 MB

Converge Detroit Jack Rhysider- Podcaster, DarkNet Diaries https://darknetdiaries.com/   Do hospitals have a free pass when being attacked? #OPJUSTINA https://nakedsecurity.sophos.com/2014/04/28/anonymous-takes-on-boston-childrens-hospital-in-opjustina/ https://www.youtube.com/watch?v=eFVBz_ATAlU - when anonymous attacks your hospital   The oldest known vulnerability is still a big problem. Default passwords. Why haven't we fixed this yet? https://www.rapid7.com/db/vulnerabili...

2018-015-Data labeling, data classification, and GDPR issues

May 07, 2018 04:41 - 52 minutes - 41.8 MB

GDPR will affect any information system that processes or will process people… like it or not.   Derby Tickets     CTF and auction Keynote     Converge Detroit I’ll be at nolacon too Boettcher     Recap BDIR #3 https://blog.netwrix.com/2018/05/01/five-reasons-to-ditch-manual-data-classification-methods/ https://blog.networksgroup.com/data-loss-prevention-fundamentals   Join our #Slack Channel! Email us at [email protected] or DM us on Twitter @brakesec #Spoti...

2018-014- Container Security with Jay Beale

April 29, 2018 23:58 - 1 hour - 52.5 MB

Container security. Jay Beale @inguardians, @jaybeale. Containers: What the heck is a container? A Linux distribution with a kernel; containers run on top of that, sharing the kernel, but not the filesystem. Namespaces: Mount, Network, Hostname, PID, IPC, Users. Somebody said we’ve had containers since before Docker: containers started in 2005, with OpenVZ; Docker was 2013, Kubernetes 2014. Image Security: CoreOS Clair for vuln scanning images. Public repos vs priva...

2018-013-Sigma_malware_report, Verizon_DBIR discussion, proper off-boarding of employees

April 20, 2018 23:32 - 1 hour - 52.3 MB

Report from Bsides Nash - Ms. Berlin New Job Keynote at Bsides Springfield, MO Mr. Boettcher talks about Sigma Malware infection.   http://www.securitybsides.com/w/page/116970567/BSidesSpfd **new website upcoming** Registration is coming and will be updated on next show (hopefully) DBIR -https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_execsummary_en_xg.pdf   VERIS framework http://veriscommunity.net/   53,000 incidents   2,216 breaches?!  ...

2018-012: SIEM tuning, collection, types of SIEM, and do you even need one?

April 11, 2018 16:30 - 1 hour - 48.6 MB

Bryan plays 'stump the experts' with Ms. Berlin and Mr. Boettcher this week... We discuss SIEM logging, and tuning... How do SIEMs deal with disparate log file types? What logs should be the first to be gathered? Is a SIEM even required, or is a central log repo enough? Which departments benefit the most from logging? (IT, IR, Compliance?) Join our #Slack Channel! Email us at [email protected] or DM us on Twitter @brakesec #Spotify: https://brakesec.com/spotifyBDS...

2018-011: Creating a Culture of Neurodiversity

April 04, 2018 04:10 - 1 hour - 56.5 MB

Megan Roddie discusses being a High functioning Autistic, and we discuss how company and management can take advantage of the unique abilities of those with high functioning autism. Direct Link:  http://traffic.libsyn.com/brakeingsecurity/2018-011.mp3   Matt Miller's Assembly and Reverse Engineering Class: Still can sign up! The syllabus is here:  https://drive.google.com/open?id=1alsTUhGwAAnR6BA27gGo3OdjEHFnq2wtQsynPfeWzd0     SHOW NOTES:   Link to Megan’s slides  Mega...

2018-010 - The ransoming of Atlanta, Facebook slurping PII, Dridex variants

March 27, 2018 15:41 - 37 minutes - 30.3 MB

  Matt Miller’s #Assembly and #Reverse #Engineering class $150USD for each class, 250USD for both classes Syllabus : https://docs.google.com/document/d/1alsTUhGwAAnR6BA27gGo3OdjEHFnq2wtQsynPfeWzd0/edit?usp=sharing Please state which class you'd like to take when ordering in the "Notes" field in Paypal https://paypal.me/BDSPodcast/150usd To sign up for both classes: https://paypal.me/BDSPodcast/250usd     Stories: https://threatpost.com/orbitz-warns-880000-payment-cards-sus...

2018-009- Retooling for new infosec jobs, sno0ose, Jay Beale, and mentorship

March 19, 2018 05:30 - 1 hour - 57.7 MB

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2018-009-internships-mentorships-retooling-finding-that-unicorn-pentester.mp3 Topics discussed: How Jay Beale (@jaybeale @inguardians) and Brad A. (@sno0ose) do mentorship and apprenticeship in their respective orgs. Best methods to retool yourself if you are trying to move to a new industry Why 'hitting the ground running' isn't the sign of an immature organization... Matt Miller’s #Assembly and #Reverse #Engineering class $1...

BDIR-001: Credential stealing emails, How do you protect against it?

March 12, 2018 22:04 - 1 hour - 74.7 MB

BDIR Episode - 001 Our guests will be: Martin Brough - Manager of the Security Solutions Engineering team in the #email #phishing industry Topic of the Day: CREDENTIAL STEALING EMAILS WHAT CAN YOU DO   Join us for Episode-001, our guest will be: Martin Brough - Manager of the Security Solutions Engineering team in the email phishing industry Topic of the day will be: "CREDENTIAL STEALING EMAILS WHAT CAN YOU DO" Show Notes: Introductions Introduce our Guest Martin Broug...

2018-008- ransomware rubes, Defender does not like Kali, proper backups

March 12, 2018 06:45 - 58 minutes - 46.6 MB

https://www.auditscripts.com/free-resources/critical-security-controls/ Thanks to Slacker Ben Chung, who heard about this from John Strand...   BsidesIndy report - Amanda Bsides Austin - Brian   Log_MD 2.0 - www.log-md.com   https://www.bleepingcomputer.com/news/security/only-half-of-those-who-paid-a-ransomware-ransom-could-recover-their-data/ https://itsfoss.com/kali-linux-debian-wsl/ https://www.bleepingcomputer.com/news/security/kali-linux-now-in-windows-store-but-d...

2018-007- Memcached DDoS, Secure Framework Documentation, and chromebook hacking

March 05, 2018 15:06 - 45 minutes - 36.8 MB

Topics: Secure Framework documents; Modifying chromebooks so you can use Debian/Ubuntu; Memcached is the new DDoS hotness; Announcement of the next BrakeSec Training Class (see Show Notes below for more info). Link to secure framework document: https://drive.google.com/open?id=1xLfY4uI88K2AiA1mosWJ7jFyP100Jv5d Tickets are already on sale for "Hack in the Box" in Amsterdam from 9-13 April 2018, and using the checkout code 'brakeingsecurity' gets you a 10% discount. Registe...

2018-006- NPM is whacking boxes, code signing, and stability of code

February 26, 2018 19:45 - 46 minutes - 37.1 MB

Topics on today's show: NPM (Node Package Manager) - a bug was introduced changing permissions on /etc, /boot, and /usr, breaking many systems and requiring full re-installs. Why was it allowed to pass, and worse, why did so many run that version on production systems? Code signing - a well known content management system does not sign its code. What are the risks involved in not signing the code? And we talk about why you should verify the code before you use it. Using code without t...

2018-005-Securing_your_mobile_devices_and_CMS_against_plugin_attacks

February 14, 2018 06:52 - 48 minutes - 38.8 MB

Direct Link:  http://traffic.libsyn.com/brakeingsecurity/2018-005-Securing_CMS_and_mobile_devices-phishing_story.mp3 Topics: Discussion of Ms. Berlin's course CAPEC discussion RTF malware MS Office A Phishing story... Mobile Supply Chain Security CMS Supply Chain Security Ms. Berlin’s course - recap of 2nd session   Brakeing Down IR -date?   Any malware of note? Upgrade your Office!  Just double-clicked, used rtf and document never opened, just the script ran.   ...

2018-004 - Discussing Bsides Seattle, and Does Autosploit matter?

February 05, 2018 03:27 - 38 minutes - 31 MB

Show Notes: https://docs.google.com/document/d/1CSjskf-3vrguoyIyg8yOK2KLqg7srxYlee4RD6jzgNc/edit?usp=sharing Topics Discussed: New tool: AutoSploit - Does it lower the bar? How should Blue teamers be using Shodan? Discuss WPAD attacks, what WPAD is, and why it's a thing blue teams should worry about. ANNOUNCEMENTS: Ms. Amanda Berlin is running 4 sessions of her workshop "Disrupting the Killchain" starting on the 5th of February at 6:30pm Pacific Time (9:30 Eastern Time) ...

Twitter Mentions

@brakesec 156 Episodes
@boettcherpwned 151 Episodes
@bryanbrake 150 Episodes
@infosystir 142 Episodes
@k8em0 5 Episodes
@dianainitiative 4 Episodes
@alyssam_infosec 4 Episodes
@shehackspurple 4 Episodes
@bettersafetynet 4 Episodes
@securitysphynx 3 Episodes
@marcusjcarey 3 Episodes
@aprilwright 3 Episodes
@egyp7 3 Episodes
@_mg_ 3 Episodes
@malware_traffic 2 Episodes
@dalperovitch 2 Episodes
@rochelle 2 Episodes
@adamhjk 2 Episodes
@hackingdave 2 Episodes
@taosecurity 2 Episodes